npm - tlc-claude-code - Versions diffs - 1.4.8 → 1.4.9 - Mend

tlc-claude-code 1.4.8 → 1.4.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/package.json +1 -1
package/server/index.js +229 -14
package/server/lib/compliance/control-mapper.js +401 -0
package/server/lib/compliance/control-mapper.test.js +117 -0
package/server/lib/compliance/evidence-linker.js +296 -0
package/server/lib/compliance/evidence-linker.test.js +121 -0
package/server/lib/compliance/gdpr-checklist.js +416 -0
package/server/lib/compliance/gdpr-checklist.test.js +131 -0
package/server/lib/compliance/hipaa-checklist.js +277 -0
package/server/lib/compliance/hipaa-checklist.test.js +101 -0
package/server/lib/compliance/iso27001-checklist.js +287 -0
package/server/lib/compliance/iso27001-checklist.test.js +99 -0
package/server/lib/compliance/multi-framework-reporter.js +284 -0
package/server/lib/compliance/multi-framework-reporter.test.js +127 -0
package/server/lib/compliance/pci-dss-checklist.js +214 -0
package/server/lib/compliance/pci-dss-checklist.test.js +95 -0
package/server/lib/compliance/trust-centre.js +187 -0
package/server/lib/compliance/trust-centre.test.js +93 -0
package/server/lib/dashboard/api-server.js +155 -0
package/server/lib/dashboard/api-server.test.js +155 -0
package/server/lib/dashboard/health-api.js +199 -0
package/server/lib/dashboard/health-api.test.js +122 -0
package/server/lib/dashboard/notes-api.js +234 -0
package/server/lib/dashboard/notes-api.test.js +134 -0
package/server/lib/dashboard/router-api.js +176 -0
package/server/lib/dashboard/router-api.test.js +132 -0
package/server/lib/dashboard/tasks-api.js +289 -0
package/server/lib/dashboard/tasks-api.test.js +161 -0
package/server/lib/dashboard/tlc-introspection.js +197 -0
package/server/lib/dashboard/tlc-introspection.test.js +138 -0
package/server/lib/dashboard/version-api.js +222 -0
package/server/lib/dashboard/version-api.test.js +112 -0
package/server/lib/dashboard/websocket-server.js +104 -0
package/server/lib/dashboard/websocket-server.test.js +118 -0
package/server/lib/deploy/branch-classifier.js +163 -0
package/server/lib/deploy/branch-classifier.test.js +164 -0
package/server/lib/deploy/deployment-approval.js +299 -0
package/server/lib/deploy/deployment-approval.test.js +296 -0
package/server/lib/deploy/deployment-audit.js +374 -0
package/server/lib/deploy/deployment-audit.test.js +307 -0
package/server/lib/deploy/deployment-executor.js +335 -0
package/server/lib/deploy/deployment-executor.test.js +329 -0
package/server/lib/deploy/deployment-rules.js +163 -0
package/server/lib/deploy/deployment-rules.test.js +188 -0
package/server/lib/deploy/rollback-manager.js +379 -0
package/server/lib/deploy/rollback-manager.test.js +321 -0
package/server/lib/deploy/security-gates.js +236 -0
package/server/lib/deploy/security-gates.test.js +222 -0
package/server/lib/k8s/gitops-config.js +188 -0
package/server/lib/k8s/gitops-config.test.js +59 -0
package/server/lib/k8s/helm-generator.js +196 -0
package/server/lib/k8s/helm-generator.test.js +59 -0
package/server/lib/k8s/kustomize-generator.js +176 -0
package/server/lib/k8s/kustomize-generator.test.js +58 -0
package/server/lib/k8s/network-policy.js +114 -0
package/server/lib/k8s/network-policy.test.js +53 -0
package/server/lib/k8s/pod-security.js +114 -0
package/server/lib/k8s/pod-security.test.js +55 -0
package/server/lib/k8s/rbac-generator.js +132 -0
package/server/lib/k8s/rbac-generator.test.js +57 -0
package/server/lib/k8s/resource-manager.js +172 -0
package/server/lib/k8s/resource-manager.test.js +60 -0
package/server/lib/k8s/secrets-encryption.js +168 -0
package/server/lib/k8s/secrets-encryption.test.js +49 -0
package/server/lib/monitoring/alert-manager.js +238 -0
package/server/lib/monitoring/alert-manager.test.js +106 -0
package/server/lib/monitoring/health-check.js +226 -0
package/server/lib/monitoring/health-check.test.js +176 -0
package/server/lib/monitoring/incident-manager.js +230 -0
package/server/lib/monitoring/incident-manager.test.js +98 -0
package/server/lib/monitoring/log-aggregator.js +147 -0
package/server/lib/monitoring/log-aggregator.test.js +89 -0
package/server/lib/monitoring/metrics-collector.js +337 -0
package/server/lib/monitoring/metrics-collector.test.js +172 -0
package/server/lib/monitoring/status-page.js +214 -0
package/server/lib/monitoring/status-page.test.js +105 -0
package/server/lib/monitoring/uptime-monitor.js +194 -0
package/server/lib/monitoring/uptime-monitor.test.js +109 -0
package/server/lib/network/fail2ban-config.js +294 -0
package/server/lib/network/fail2ban-config.test.js +275 -0
package/server/lib/network/firewall-manager.js +252 -0
package/server/lib/network/firewall-manager.test.js +254 -0
package/server/lib/network/geoip-filter.js +282 -0
package/server/lib/network/geoip-filter.test.js +264 -0
package/server/lib/network/rate-limiter.js +229 -0
package/server/lib/network/rate-limiter.test.js +293 -0
package/server/lib/network/request-validator.js +351 -0
package/server/lib/network/request-validator.test.js +345 -0
package/server/lib/network/security-headers.js +251 -0
package/server/lib/network/security-headers.test.js +283 -0
package/server/lib/network/tls-config.js +210 -0
package/server/lib/network/tls-config.test.js +248 -0
package/server/lib/security/auth-security.js +369 -0
package/server/lib/security/auth-security.test.js +448 -0
package/server/lib/security/cis-benchmark.js +152 -0
package/server/lib/security/cis-benchmark.test.js +137 -0
package/server/lib/security/compose-templates.js +312 -0
package/server/lib/security/compose-templates.test.js +229 -0
package/server/lib/security/container-runtime.js +456 -0
package/server/lib/security/container-runtime.test.js +503 -0
package/server/lib/security/cors-validator.js +278 -0
package/server/lib/security/cors-validator.test.js +310 -0
package/server/lib/security/crypto-utils.js +253 -0
package/server/lib/security/crypto-utils.test.js +409 -0
package/server/lib/security/dockerfile-linter.js +459 -0
package/server/lib/security/dockerfile-linter.test.js +483 -0
package/server/lib/security/dockerfile-templates.js +278 -0
package/server/lib/security/dockerfile-templates.test.js +164 -0
package/server/lib/security/error-sanitizer.js +426 -0
package/server/lib/security/error-sanitizer.test.js +331 -0
package/server/lib/security/headers-generator.js +368 -0
package/server/lib/security/headers-generator.test.js +398 -0
package/server/lib/security/image-scanner.js +83 -0
package/server/lib/security/image-scanner.test.js +106 -0
package/server/lib/security/input-validator.js +352 -0
package/server/lib/security/input-validator.test.js +330 -0
package/server/lib/security/network-policy.js +174 -0
package/server/lib/security/network-policy.test.js +164 -0
package/server/lib/security/output-encoder.js +237 -0
package/server/lib/security/output-encoder.test.js +276 -0
package/server/lib/security/path-validator.js +359 -0
package/server/lib/security/path-validator.test.js +293 -0
package/server/lib/security/query-builder.js +421 -0
package/server/lib/security/query-builder.test.js +318 -0
package/server/lib/security/secret-detector.js +290 -0
package/server/lib/security/secret-detector.test.js +354 -0
package/server/lib/security/secrets-validator.js +137 -0
package/server/lib/security/secrets-validator.test.js +120 -0
package/server/lib/security-testing/dast-runner.js +154 -0
package/server/lib/security-testing/dast-runner.test.js +62 -0
package/server/lib/security-testing/dependency-scanner.js +172 -0
package/server/lib/security-testing/dependency-scanner.test.js +64 -0
package/server/lib/security-testing/pentest-runner.js +230 -0
package/server/lib/security-testing/pentest-runner.test.js +60 -0
package/server/lib/security-testing/sast-runner.js +136 -0
package/server/lib/security-testing/sast-runner.test.js +62 -0
package/server/lib/security-testing/secret-scanner.js +153 -0
package/server/lib/security-testing/secret-scanner.test.js +66 -0
package/server/lib/security-testing/security-gate.js +216 -0
package/server/lib/security-testing/security-gate.test.js +115 -0
package/server/lib/security-testing/security-reporter.js +303 -0
package/server/lib/security-testing/security-reporter.test.js +114 -0
package/server/lib/standards/audit-checker.js +546 -0
package/server/lib/standards/audit-checker.test.js +415 -0
package/server/lib/standards/cleanup-executor.js +452 -0
package/server/lib/standards/cleanup-executor.test.js +293 -0
package/server/lib/standards/refactor-stepper.js +425 -0
package/server/lib/standards/refactor-stepper.test.js +298 -0
package/server/lib/standards/standards-injector.js +167 -0
package/server/lib/standards/standards-injector.test.js +232 -0
package/server/lib/user-management.test.js +284 -0
package/server/lib/vps/backup-manager.js +157 -0
package/server/lib/vps/backup-manager.test.js +59 -0
package/server/lib/vps/caddy-config.js +159 -0
package/server/lib/vps/caddy-config.test.js +48 -0
package/server/lib/vps/compose-orchestrator.js +219 -0
package/server/lib/vps/compose-orchestrator.test.js +50 -0
package/server/lib/vps/database-config.js +208 -0
package/server/lib/vps/database-config.test.js +47 -0
package/server/lib/vps/deploy-script.js +211 -0
package/server/lib/vps/deploy-script.test.js +53 -0
package/server/lib/vps/secrets-manager.js +148 -0
package/server/lib/vps/secrets-manager.test.js +58 -0
package/server/lib/vps/server-hardening.js +174 -0
package/server/lib/vps/server-hardening.test.js +70 -0
package/server/package-lock.json +19 -0
package/server/package.json +1 -0
package/server/templates/CLAUDE.md +37 -0
package/server/templates/CODING-STANDARDS.md +408 -0

package/server/lib/standards/audit-checker.test.js ADDED Viewed

@@ -0,0 +1,415 @@
+/**
+ * Audit Checker Tests
+ */
+import { describe, it, expect, vi } from 'vitest';
+import {
+  auditProject,
+  checkStandardsFiles,
+  checkFlatFolders,
+  checkInlineInterfaces,
+  checkHardcodedUrls,
+  checkMagicStrings,
+  checkSeedOrganization,
+  checkJsDocCoverage,
+  checkImportStyle,
+  generateReport
+} from './audit-checker.js';
+describe('audit-checker', () => {
+  describe('checkStandardsFiles', () => {
+    it('passes when both files exist', async () => {
+      const mockFs = {
+        access: vi.fn().mockResolvedValue(undefined)
+      };
+      const result = await checkStandardsFiles('/test', { fs: mockFs });
+      expect(result.passed).toBe(true);
+      expect(result.issues).toHaveLength(0);
+    });
+    it('fails when CLAUDE.md missing', async () => {
+      const mockFs = {
+        access: vi.fn().mockImplementation((path) => {
+          if (path.includes('CLAUDE.md')) {
+            return Promise.reject(new Error('ENOENT'));
+          }
+          return Promise.resolve(undefined);
+        })
+      };
+      const result = await checkStandardsFiles('/test', { fs: mockFs });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        file: 'CLAUDE.md',
+        type: 'missing'
+      }));
+    });
+    it('fails when CODING-STANDARDS.md missing', async () => {
+      const mockFs = {
+        access: vi.fn().mockImplementation((path) => {
+          if (path.includes('CODING-STANDARDS.md')) {
+            return Promise.reject(new Error('ENOENT'));
+          }
+          return Promise.resolve(undefined);
+        })
+      };
+      const result = await checkStandardsFiles('/test', { fs: mockFs });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        file: 'CODING-STANDARDS.md',
+        type: 'missing'
+      }));
+    });
+  });
+  describe('checkFlatFolders', () => {
+    it('passes on clean project', async () => {
+      const mockGlob = vi.fn().mockResolvedValue([]);
+      const result = await checkFlatFolders('/test', { glob: mockGlob });
+      expect(result.passed).toBe(true);
+    });
+    it('fails on flat services/ folder', async () => {
+      const mockGlob = vi.fn().mockResolvedValue(['src/services/userService.js']);
+      const result = await checkFlatFolders('/test', { glob: mockGlob });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        type: 'flat-folder',
+        folder: 'services'
+      }));
+    });
+    it('fails on flat interfaces/ folder', async () => {
+      const mockGlob = vi.fn().mockResolvedValue(['src/interfaces/IUser.ts']);
+      const result = await checkFlatFolders('/test', { glob: mockGlob });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        type: 'flat-folder',
+        folder: 'interfaces'
+      }));
+    });
+    it('fails on flat controllers/ folder', async () => {
+      const mockGlob = vi.fn().mockResolvedValue(['src/controllers/userController.js']);
+      const result = await checkFlatFolders('/test', { glob: mockGlob });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        type: 'flat-folder',
+        folder: 'controllers'
+      }));
+    });
+  });
+  describe('checkInlineInterfaces', () => {
+    it('passes on clean code', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        import { User } from './types/user';
+        export class UserService {
+          getUser(id: string): User { }
+        }
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/user/user.service.ts']);
+      const result = await checkInlineInterfaces('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(true);
+    });
+    it('fails on inline interface in service', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        interface UserData {
+          id: string;
+          name: string;
+        }
+        export class UserService {
+          getUser(id: string): UserData { }
+        }
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/services/user.service.ts']);
+      const result = await checkInlineInterfaces('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        type: 'inline-interface',
+        file: expect.stringContaining('user.service.ts')
+      }));
+    });
+  });
+  describe('checkHardcodedUrls', () => {
+    it('passes on clean code', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        const apiUrl = process.env.API_URL;
+        fetch(apiUrl + '/users');
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/api.js']);
+      const result = await checkHardcodedUrls('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(true);
+    });
+    it('fails on hardcoded URL', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        fetch('http://localhost:3000/api/users');
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/api.js']);
+      const result = await checkHardcodedUrls('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        type: 'hardcoded-url'
+      }));
+    });
+    it('fails on hardcoded port', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        const port = 3000;
+        app.listen(port);
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/server.js']);
+      const result = await checkHardcodedUrls('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        type: 'hardcoded-port'
+      }));
+    });
+  });
+  describe('checkMagicStrings', () => {
+    it('passes on clean code', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        import { STATUS_ACTIVE } from './constants';
+        if (user.status === STATUS_ACTIVE) { }
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/user.js']);
+      const result = await checkMagicStrings('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(true);
+    });
+    it('fails on magic string', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        if (user.status === 'active') {
+          if (user.role === 'admin') { }
+        }
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/user.js']);
+      const result = await checkMagicStrings('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(false);
+      expect(result.issues.length).toBeGreaterThan(0);
+      expect(result.issues[0].type).toBe('magic-string');
+    });
+  });
+  describe('checkSeedOrganization', () => {
+    it('passes when seeds are per-entity', async () => {
+      const mockGlob = vi.fn().mockResolvedValue([
+        'src/user/seeds/user.seed.ts',
+        'src/product/seeds/product.seed.ts'
+      ]);
+      const result = await checkSeedOrganization('/test', { glob: mockGlob });
+      expect(result.passed).toBe(true);
+    });
+    it('fails on flat seeds/ folder', async () => {
+      const mockGlob = vi.fn().mockResolvedValue([
+        'src/seeds/userSeed.ts',
+        'src/seeds/productSeed.ts'
+      ]);
+      const result = await checkSeedOrganization('/test', { glob: mockGlob });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        type: 'flat-seeds'
+      }));
+    });
+  });
+  describe('checkJsDocCoverage', () => {
+    it('passes when functions have JSDoc', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        /**
+         * Gets a user by ID
+         * @param id - The user ID
+         * @returns The user object
+         */
+        export function getUser(id: string): User {
+          return users.find(u => u.id === id);
+        }
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/user.ts']);
+      const result = await checkJsDocCoverage('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(true);
+    });
+    it('fails when exported function lacks JSDoc', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        export function getUser(id: string): User {
+          return users.find(u => u.id === id);
+        }
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/user.ts']);
+      const result = await checkJsDocCoverage('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        type: 'missing-jsdoc'
+      }));
+    });
+  });
+  describe('checkImportStyle', () => {
+    it('passes on correct import style', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        import { User } from '@/user/types';
+        import { config } from '@/config';
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/service.ts']);
+      const result = await checkImportStyle('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(true);
+    });
+    it('warns on deep relative imports', async () => {
+      const mockReadFile = vi.fn().mockResolvedValue(`
+        import { User } from '../../../user/types';
+      `);
+      const mockGlob = vi.fn().mockResolvedValue(['src/deep/nested/service.ts']);
+      const result = await checkImportStyle('/test', {
+        glob: mockGlob,
+        readFile: mockReadFile
+      });
+      expect(result.passed).toBe(false);
+      expect(result.issues).toContainEqual(expect.objectContaining({
+        type: 'deep-import'
+      }));
+    });
+  });
+  describe('auditProject', () => {
+    it('runs all checks', async () => {
+      const mockOptions = {
+        fs: {
+          access: vi.fn().mockResolvedValue(undefined)
+        },
+        glob: vi.fn().mockResolvedValue([]),
+        readFile: vi.fn().mockResolvedValue('')
+      };
+      const result = await auditProject('/test', mockOptions);
+      expect(result).toHaveProperty('standardsFiles');
+      expect(result).toHaveProperty('flatFolders');
+      expect(result).toHaveProperty('inlineInterfaces');
+      expect(result).toHaveProperty('hardcodedUrls');
+      expect(result).toHaveProperty('magicStrings');
+      expect(result).toHaveProperty('seedOrganization');
+      expect(result).toHaveProperty('jsDocCoverage');
+      expect(result).toHaveProperty('importStyle');
+      expect(result).toHaveProperty('summary');
+    });
+    it('reports all issues found', async () => {
+      const mockOptions = {
+        fs: {
+          access: vi.fn().mockRejectedValue(new Error('ENOENT'))
+        },
+        glob: vi.fn().mockResolvedValue(['src/services/user.js']),
+        readFile: vi.fn().mockResolvedValue('fetch("http://localhost:3000")')
+      };
+      const result = await auditProject('/test', mockOptions);
+      expect(result.summary.totalIssues).toBeGreaterThan(0);
+      expect(result.summary.passed).toBe(false);
+    });
+  });
+  describe('generateReport', () => {
+    it('creates AUDIT-REPORT.md', () => {
+      const auditResults = {
+        standardsFiles: { passed: true, issues: [] },
+        flatFolders: { passed: false, issues: [{ type: 'flat-folder', folder: 'services' }] },
+        summary: { totalIssues: 1, passed: false }
+      };
+      const report = generateReport(auditResults);
+      expect(report).toContain('# Audit Report');
+      expect(report).toContain('flat-folder');
+      expect(report).toContain('services');
+    });
+    it('shows pass status', () => {
+      const auditResults = {
+        standardsFiles: { passed: true, issues: [] },
+        flatFolders: { passed: true, issues: [] },
+        summary: { totalIssues: 0, passed: true }
+      };
+      const report = generateReport(auditResults);
+      expect(report).toContain('PASSED');
+    });
+  });
+});